Skip to content

folays/newpid

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
references
references
 
 
LICENSE
LICENSE
 
 
README
README
 
 
compile.sh
compile.sh
 
 
newpid
newpid
 
 
newpid.c
newpid.c
 
 

Repository files navigation

newpid implements the userland interface to PID namespaces on Linux

It:
- unshare the PID namespace
- unshare the mount namespace (so that it can remount /proc, needed by "ps" and co...)
- start a daemon so that you can further connect to it as many times you wish (like "screen")
- implement pty/tty so that you can run a text editor

CAVEATS:
- there is no protocol besides the initial connection, so once you got a shell inside the instance,
  "window resizes" won't be transmitted to the tty slave
- I didn't bothered to implement a terminal client, so for client-side, newpid forks a "socat" instance
  (which will handle terminal non-canonical mode/raw for us)

==== LAUCH a daemon

newpid --daemon jail
newpid --daemon --chroot=/image/ jail
newpid --daemon --chroot=:/image/ jail

(the ":" in front of the --chroot path here denotes to always chroot no matter if the client used the --chroot flag)

newpid --daemon --nproc=32 jail

==== KILL a daemon

newpid --kill jail

==== RUN something

# open a terminal
newpid jail

newpid jail -- ps auxf
newpid jail -- ls -laF /

# HERE --chroot will make you chroot if the daemon was invoked with --chroot=/path/to/somewhere/
#  if the --chroot path of the daemon was preprended with a ":", you will always be chrooted so the --chroot flag in
# the client is somewhat virtually useless in this case
newpid jail --chroot -- ls -laF /

newpid jail kill -9 -1

About

userland interface to PID namespaces on Linux

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages